mobile-7-17-17.pngWithout question, mobile technology has brought a revolution in communications and commerce. You may well be reading this article on some kind of mobile device, so I certainly won’t complain. The device-driven lifestyle has likewise brought new opportunities for banks to deliver their products and services digitally, but, in doing so, has also recast some old risks for banks that seek to capitalize on those opportunities.

Device-based delivery has empowered the consumer with the ability to make financial decisions all that more quickly. Bank customers have come to expect the same seamless and unobtrusive digital product and service delivery for financial products as they expect from any other app, and banks have the technology to deliver on those expectations.

However, the customer base into which those products are marketed is fundamentally unchanged, notwithstanding this revolution of access. From a consumer compliance perspective, there was a certain amount of safety built into the old inefficiencies. Physically traveling to a branch and taking the time to manually complete paperwork, as much of a drudgery as that may have felt, nonetheless imposed a certain amount of time for deliberation. By making the process faster and more efficient, banks have also compressed the deliberative horizon of consumer financial choice. There has always been a tension between the marketing of a financial product and educating the consumer on how that product works, and some additional thought needs to be given to the balance between those aspects of customer interaction in the digital realm.

The Dodd-Frank Act prohibits conduct that is unfair, deceptive or abusive. An act or practice is deemed unfair when it causes or is likely to cause substantial injury to consumers that is not reasonably avoidable by them. The Consumer Financial Protection Bureau (CFPB), building on Federal Trade Commission precedent, has determined that an injury is not reasonably avoidable when an act or practice interferes with or hinders a consumer’s ability to make informed decisions or take action to avoid the injury. While state law prohibitions aren’t completely in lockstep, similar concepts generally apply.

Customers being offered the opportunity to use a financial product need to understand the product in a sufficiently accurate and detailed way as to act in an informed manner in electing to purchase or not to purchase the product. The customer also needs to have a sufficient opportunity to act on this understanding. To the extent that digital delivery reduces the timeframe of this opportunity, the importance of customer understanding becomes all that more pronounced.

As a practical matter, consumer understanding needs to be sufficiently clear not only from a purchasing decision standpoint but also from a utility standpoint; the customer must be able to actually realize the benefits of the product. There have been a number of CFPB actions that have cited the failure of customers to obtain value from the use of a product as a basis for the action being taken. If consumers do not understand how to effectively use the product or service they have been sold, that can also lead them to become frustrated—both with the product itself and with the institution that sold it to them.

Collection of consumer complaint data and ongoing analysis of complaint trends by the CFPB means that the bureau’s enforcement focus will always be dynamic and will tend to follow trends in product delivery—whatever customers are most dissatisfied with at a particular point in time will drive the nature and content of their complaints.

As with other areas of risk, having an independent and empowered risk management function within the bank is critical. While it is always important for risk management to avoid becoming overly focused in certain areas at the expense of others (credit risk over compliance risk, for example), the board should make particularly sure that the leading edge of technological delivery gets the attention that it deserves. Part of this is ensuring that the risk management department has the resources and expertise it needs to both understand and evaluate the risks of digital products and services as they are being developed, before they go live. Whether the bank is developing and implementing technologies internally, is using a white-labeled product or is undertaking a partnership with a technology company, involving compliance and risk management resources at a sufficiently early stage of the process to allow for course correction can help to avoid costly and more disruptive consequences post-implementation.

Ken Achenbach